Trust
Security and client boundaries
Devport gives clients useful editing access while keeping source code, hosting, and other client data protected.
The simple principle
A client should only see the website workspace assigned to them. They should not see other clients, technical provider settings, repository controls, or source code.
Client-safe boundaries
- Client identity is verified before portal access.
- Workspace membership controls which project appears.
- Approved fields control what can be edited.
- Approved publish paths control what can be written to the website.
- Draft previews and staged images are scoped to the right workspace.
- Provider credentials stay with the developer or configured provider owner and are not shown to clients.
Why this matters
Devport is meant to give clients useful editing power without exposing the parts of a coded website that can cause serious damage if changed accidentally.
That boundary protects the client, the website, the repository, the hosting path, and other client workspaces.
Related reading
Client portal walkthroughSee how the client portal organizes approved website updates in one place.Billing and accessClient access is tied to assigned workspace membership, and live publishing can require active Devport Access.LimitationsDevport is intentionally focused on approved words and images so the coded website stays protected.